Cyber law due diligence in India is well known though a majority of Indian entrepreneurs operating e-commerce and online businesses are openly flouting the same. This may be due to ignorance of due diligence requirements of India or due to the fact that Indian government has not started punishing the violators yet. As a result e-commerce frauds, offences and crimes have significantly increased in India.
On the other hand other jurisdictions are taking good interest in tackling the violations by various online communities and entrepreneurs. For instance, United States has shut down 1677 illegal online pharmacies websites. Similarly, the European Union has declared that any business found to be engaging in hacking or any other cyber crime would be closed down.
This is a serious threat to those businesses that depend primarily upon unethical and illegal activities to survive. Similarly, this is also a warning note to those businesses that do not give proper attention to cyber law and cyber security requirements.
As per the new EU framework, member states must take necessary measures to make sure that firms who indulge in any kind of cyber crime can now be held accountable. The rules allow member states to serve punishment even if an employee carried out hacking without bosses’ knowledge. This is more on the lines of “strict liability” that business houses and owners must keep in mind.
Similarly, this would also require the businesses to appoint chief information officers and chief technology officers so that their business interests can be adequately safeguarded. In India this appointment of CIO has been made mandatory for the banks of India by Reserve Bank of India (RBI). However, till now banks of India are not following this requirement.
However, EU is not indifferent like India regarding cyber crimes and cyber law due diligence requirements. The proposed framework has prescribed sanctions that include exclusion from entitlement to public benefits or aid; temporary or permanent disqualification from the practice of commercial activities; placing under judicial supervision; judicial winding-up; temporary or permanent closure of establishments which have been used for committing the offence, etc.
Of late cyber attacks against critical infrastructure of EU countries have increased a lot. These are not ordinary attacks but are very sophisticated malware attacks that require urgent attention of EU regulators. The present framework may be the result of these growing cyber attacks.